Explore the intricacies of planning and executing effective red team exercises in this informative conference talk from BSidesSF 2016. Delve into the key differences between red team exercises and penetration tests, learning how to properly structure scenarios, objectives, scope, and rules of engagement to accurately simulate real-world adversaries. Gain valuable insights from dozens of successful red team engagements, including best practices and illustrative war stories that highlight the importance of each element. For offensive security professionals, discover techniques for managing client expectations and guiding them towards engagements that realistically measure their ability to prevent, detect, and respond to actual attacks. Enterprise security teams will benefit from a deeper understanding of this assessment style and learn how to collaborate with red teams to drive meaningful improvements in their security programs.
Overview
Syllabus
BSidesSF 2016 - Planning Effective Red Team Exercises (Sean T. Malone)
Taught by
Security BSides San Francisco